New Release: Tor Browser 8.5a11
Tor Browser 8.5a11 is now available from the Tor Browser Alpha download page and also from our distribution directory.
Note: this is an alpha release: an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.
This new alpha release includes some bug fixes and improvements. Among other things, on the desktop side we improved the browser toolbar layout, replaced the security slider with a toolbar icon and added mechanisms to introduce new features to users. We also improved the screen reader accessibility on Windows and added the es-AR locale.
On the Android side, we started using the Tor Onion Proxy Library.
The full changelog since Tor Browser 8.5a10 is:
- All platforms
- Update Torbutton to 2.1.6
- Bug 22538+22513: Fix new circuit button for error pages
- Bug 29825: Intelligently add new Security Level button to taskbar
- Bug 29903: No WebGL click-to-play on the standard security level
- Bug 27484: Improve navigation within onboarding (strings)
- Bug 29768: Introduce new features to users (strings)
- Bug 29943: Use locales in AB-CD scheme to match Mozilla
- Bug 26498: Add locale: es-AR
- Bug 29973: Remove remaining stopOpenSecuritySettingsObserver() pieces
- Translations update
- Update NoScript to 10.6.1
- Bug 29872: XSS popup with DuckDuckGo search on about:tor
- Bug 29916: Make sure enterprise policies are disabled
- Bug 26498: Add locale: es-AR
- Update Torbutton to 2.1.6
- Windows + OS X + Linux
- Windows
- Bug 27503: Improve screen reader accessibility
- Android
- Bug 27609 (and child bugs): Use Tor Onion Proxy Library
- Bug 29312: Bump Tor to 0.3.5.8
- Bug 29859: Disable HLS support for now
- Bug 28622: Update Tor Browser icon for mobile
- Bug 29238: Prevent crash on Android after update
- Bug 29982: Add additional safe guards against crashes during bootstrap
- Bug 29906: Fix crash on older devices due to missing API
- Bug 29858: Load onboarding panels after bootstrapping is done
- Bug 28329: Improve bootstrapping experience
- Bug 30016: Localize bootstrap-/bridge-related strings for mobile
- Build System
Comments
Please note that the comment area below has been archived.
Thanks for the great work! …
Thanks for the great work!
Anonymity protection feature request:
Like with a mixed HTTPS+HTTP content, consider warning the TB user when an Onion site opens a "clearnet" connection in background (onion+clearnet mix).
Example: during a search "DuckDuckGo Onion" [3g2upl4pq6kufc4m.onion] connects to its clearnet version duckduckgo.com (to load the search result document icons, etc.).
(DDG Onion: one might as well just use the clearnet DDG site... What info is transmitted outside of Tor? Possibly a traffic correlation risk for the Tor users?)
> during a search …
> during a search "DuckDuckGo Onion" [3g2upl4pq6kufc4m.onion] connects to its clearnet version duckduckgo.com (to load the search result document icons, etc.).
Can someone verify this behavior, please?
I don't have Wireshark…
I don't have Wireshark. There is at least one connection when the security slider is on Safer. On the search results page, a complete version of the following tag is in a sidebar module that shows a summary of Wikipedia's page about the search term:
[geshifilter-code]<img class="module--about__img" source="https://duckduckgo.com/...">[/geshifilter-code]
Procedure:
1. Open the page. Right-click on the page -> Inspect Element -> Network tab. Refresh the page. Click the header of the Domain column to sort it. Look for duckduckgo.com.
2. Right-click on the page -> View Page Info -> Media tab. Click the header of the Address column to sort it. Look for duckduckgo.com.
3. Back in Developer Tools, change from the Network tab to the Inspector tab. In the search box of the Inspector tab, search for substrings of the addresses you found. Ignore "a" tags because prefetching is disabled in TBB's default about:config.
There's more. Single words…
There's more. Single words sometimes display a horizontal bar of tiles above the results. The bar is in this tag:
<div id="zero_click_wrapper" class="zci-wrap">
Images in the bar are in tags that look like this:
<img class="tile__icon js-lazyload" src="<a href="https://duckduckgo.com/i/....jpg"" rel="nofollow">https://duckduckgo.com/i/....jpg"</a>; data-src="<a href="https://duckduckgo.com/i/....jpg">" rel="nofollow">https://duckduckgo.com/i/....jpg"></a>;
Please report this issue in…
Please report this issue in a bug report here https://trac.torproject.org/projects/tor/newticket
You need to make an account to post bug reports.
This is a problem in…
This is a problem in DuckDuckGo, not in Tor Project software.
Easy to verify-- temporarily…
Easy to verify-- temporarily install the Firefox uMatrix and do a search using DDG Onion; watch the uMatrix panel while the DDG Onion results load.
DDG search results now come with their corresponding document type icons. These icons are loaded from DDG clearnet site icons.duckduckgo.com even if .Onion is used.
BTW, uMatrix is an open-source addon that reveals way, way more junk than NoScript.
Also, (optional) you can make it remember your per-site rules.
Finally, its author doesn't have a known "privacy vs. allowed tracking ads" scandal in the past.
> Bug 29903: No WebGL click…
> Bug 29903: No WebGL click-to-play on the standard security level
https://trac.torproject.org/projects/tor/ticket/21805
With the default WebGL 1…
With the default WebGL 1 Driver Renderer Google Inc. -- ANGLE (Microsoft Basic Render Driver Direct3D11 vs_5_0 ps_5_0) you can see on about:support
15:50:14.841 Error: WebGL warning: Disallowing antialiased backbuffers due to blacklisting. 1 Troubleshoot.jsm:528:18
Does this make me more fingerprintable?
> Update NoScript to 10.6.1…
> Update NoScript to 10.6.1 XXX
XXX? Porn version? :)
I fixed it, thanks.
I fixed it, thanks.
> Bug 29872: XSS popup…
> Bug 29872: XSS popup with DuckDuckGo search on about:tor
It's time to revert it as:
This issue is verified as fixed on Firefox 60.6.2esr (20190416010130) under Win 7 64-bit and Mac OS X 10.14.1.
Yeah, we don that once we…
Yeah, we do that once we get the patch from upstream.
Good Time of day! With…
Good Time of day! With installed bridges There is no browser loading. There is Also no image saving. Android 7
How did you install bridges?
How did you install bridges? Oh, and did you get some useful log messages if you swipe from the right side of your phone to see some log messages?
Android Bug 27609 (and…
HEY EVERYBODY! IT'S TIME TO TEST ANDROID VERSION!
Is it safe?
Is it safe?
Please be more specific. …
Please be more specific. Read the changelog. The version in this post is an alpha version, denoted by the "a" in 8.5a11. Most people will want the standard version, 8.0.8, not the alpha development testing version.
I like the new icon on…
I like the new icon on Android. But perhaps the color scheme should be changed to the regular Tor colors?
It will. That's only the…
It will. That's only the logo from the alpha series. Stay tuned. :)
is it possible to make the…
is it possible to make the browser spoof the most common browser fingerprint?
Common browsers tend to have…
Common browsers tend to have a different fingerprint for each user, so there is not really a "most common browser fingerprint".
Panopticlick suggests…
Panopticlick suggests otherwise.
Panopticlick is not God
Panopticlick is not a God
Strawmen imply nonexistent…
Strawmen imply nonexistent ridiculous assertions.
Making all users look the…
Making all users look the same is one of the main goals of Tor Browser, so we try hard to have all users (or at least large groups of users) with the same fingerprint, but this is not the case with other browsers which have other priorities. Firefox has a preference to resist fingerprinting, but it is currently not enabled by default as it has some consequences on usability.
The numbers given by Panopticlick are not really meaningful for Tor Browser users because most Panopticlick users are using other browsers.
But even if there was a "most common browser fingerprint", the fact that a user is connecting through Tor is already obvious by looking at the IP address, so there is not much point in trying to hide that the user is a Tor Browser user.
For the benefit of newcomers…
For the benefit of newcomers, I add this: not only does using Tor Browser benefit the individual user, but the more people who use Tor Browser, the more the entire world benefits, because it becomes harder for adversaries to identify more and more people, which might eventually make "surveillance capitalism" and "dragnet surveillance" (by governments) uneconomic.
As a long series of troubling news stories since 2013 or so suggests (e.g. Snowden leaks, Facebook scandals, etc), this would probably be a good thing.
Growing the Tor userbase (and geographic/device diversity) will no doubt continue to be a major goal of Tor Project over the next decade. Assuming NSA/FSB/FBI/GCHQ/etc do not succeed in making Tor effectively illegal for everyone everywhere, that is.
Realistically speaking, how…
Realistically speaking, how different are fingerprints no the desktop version of Tor Browser on the standard security setting, across different operating systems and hardware? Can anonymity in the face of modern tracking techniques at all be expected on this setting?
Your questions and a comment…
Your questions and a comment in the v8.0.8 post would be great to turn into research projects based on data sets from fingerprint leak sites like EFF's panopticlick and others in replies to that comment. Those sites, themselves, are in the best position to find the answers and add those details and more relevancy to their sites. Anyone could work on it if the data sets are open. Your questions about Tor could be studied and placed on the metrics website.
Most of these sites show a…
Most of these sites show a very incomplete picture of what is really possible in terms of tracking and are quite outdated. Panopticlick's results are not meaningful in any way. They look at maybe 20 randomly chosen parameters, out of literally thousands of possible ways of tracking users.
See if it's possible to…
See if it's possible to build from their underlying data sets, not from their results. Starting by foregoing others' work and gathering from scratch is wasteful.
If your goal is to blend in…
If your goal is to blend in with everyone else, Tor Browser is one of the best tools. Exit nodes, like public proxies, mark your internet traffic with an IP address that's shared by many people simultaneously unlike your home or mobile IP address. The Tor Browser is set up to mark your browser traffic with one of three selectable configurations, so at the start of your session, you look like other people using Tor Browser on Tor.
Since your normal browser traffic is marked by your home or mobile IP that immediately makes your traffic stand out regardless of whether you're using a browser, and since Tor Browser is designed for its traffic never to be marked by your home or mobile IP, then the only way to compare the realistic significance of the fingerprints of Tor Browser versus normal browsers is for you to configure your normal browser to proxy as Tor Browser does. But setting a normal browser to use Tor is not recommended at all.
A user can modify their Tor Browser and make its fingerprint stand out, but many things they don't modify are reset by the security slider and New Identity functions. Some of the security choices made by developers of Tor Browser are passed back to developers of Mozilla Firefox. It definitely helps a general-purpose browser like Firefox to receive development feedback from security-privacy projects like this, and some of it pushes Firefox to look a little bit more like Tor Browser.
How do I download the…
How do I download the standalone tor only (non-browser bundle)? Can't find anything after the site redesign.
https://dist.torproject.org…
https://dist.torproject.org/torbrowser/8.0.8/tor-win32-0.3.5.8.zip
You guys do wonderful (hard)…
You guys do wonderful (hard) work, and I am grateful to each and every one who works on Tor products.
How does one download this…
How does one download this program and get it to work? I’ve had a brain injury and am not able to understand what I need to do. Thank you.
You can download Tor Browser…
You can download Tor Browser from this page:
https://www.torproject.org/download/
The Tor Browser manual also has some information:
https://tb-manual.torproject.org/
@ Nancey: I thought you…
@ Nancey:
I thought you might appreciate more detailed instructions:
1. Point your browser at https://www.torproject.org/download/ by clicking on a link if this sentence contains one or by typing that URL into the "location pane" of your browser. You should see a green lock icon indicating that your connection is "secured" by TLS, i.e. you have reason to think your browser will receive files from the real torproject.org not a malicious imitator.
2. Once the download page loads you should see a row of four icons standing for four types of operating systems: Microsoft (Windows), Apple (MacOS), Linux, Google (Android). Below each of these is a smaller link marked "sig".
3. Click on the "sig" for your operating system. After a few minutes you should see that you have downloaded a file with a name like 8.0.8/tor-browser-linux64-8.0.8_en-US.tar.xz.asc
4. Click on the big icon for your operating system. After 5-30 minutes depending on your internet connection speed, you should see that you have downloaded a second file with a name like https://www.torproject.org/dist/torbrowser/8.0.8/tor-browser-linux64-8….
5. Verifying the authenaticity of code before you install is especially important for security critical applications like Tor, but if you can't make steps 6-8 work you can still install Tor Browser; see https://support.torproject.org/tbb/how-to-verify-signature/ for how to obtain the signing key and use GPG to verify the "detached" signature of the "tarball" ***.tar.xz
6. Once you have verified the tarball, make a directory, AKA folder, and move the tarball file ***.tar.xz there. Unpack it (this may be as simple as clicking on it). This will take a minute.
7. Once the tarball is unpacked, you should be ready to start launching Tor Browser, which will painlessly connect your computer to the worldwide Tor network. This will take a few minutes because the Tor "client" on your computer needs to download current information (up the the hour) about all the Tor nodes currently available, so it can start building Tor "circuits". When this is done the browser should launch itself and you can start surfing.
Hope this is all helpful. It's not as complicated as I am probably making it sound. If run into trouble, try asking a friend you trust to help you get TB installed.
They didn't hint what their…
They didn't hint what their OS is, so don't assume Linux. If you have to assume, assume the one with the most market share: Windows. Tar.xz will confuse most newbies. GPG is good to encourage but will definitely confuse and put off most newbies. Your file names aren't file names; they have slashes which denote folders, a path or a URL. Don't invent jargon like "location pane" when the overwhelming majority of people and help documents call it the "address bar". Include GetTor as an alternative. The rest looks good to me.
first time commenter....been…
first time commenter....been playing with TOR for a short time and i like it. seems to have a nitch for what it does. one thing i have a hard time with as i am older, is the font sizes in the firefox url and tool bar areas. In the past i have used theme font and size changer and it really did the job for us vision-impaired folks. i hate to make system wide changes to fix this as i use other browsers also and dont want to change them...they use easy add-on fixes.
So is there any reasonably easy fix for this firefox problem or are we just left out.
Easy? Yes, the Theme Font &…
Easy? Yes, the Theme Font & Size Changer is in the present. But I don't know if doing it will maintain privacy. Changing the browser's UI widgets can sometimes change values that are in your browser fingerprint. Tor Project cautions users who want to customize the browser and install other add-ons. There may be other ways of doing it, and the add-on may not affect privacy, but I personally don't know.
> one thing i have a hard…
> one thing i have a hard time with as i am older, is the font sizes in the firefox url and tool bar areas.
You are not alone! I seem to have grown old using Tor :-) so I have similar issues.
Because Tor Browser is modified Firefox you can easily install Mozilla add-ons or plug-ins just like you would do with Firefox, and these will probably "work" like they do with Firefox. But there is a problem: installing plug-ins can make your Tor Browser more distinguishable from other Tor Browsers, i.e. you can become less anonymous.
I sometimes wish the TB team had the time and resources to test TB for usability with users who have some vision/hearing impairment, but at a time when Tor Project is fighting an existential battle with FBI/NSA/GCHQ/etc ("Going Dark"), we should probably accept that TP needs to have other priorities right now.
كيف استخدم التور
كيف استخدم التور
https://tb-manual.torproject…
https://tb-manual.torproject.org/ar/
I'm getting an error when…
I'm getting an error when trying to connect to Tor on this Android app release on Android 4.4.4
I tried to navigate to this location manually with a terminal emulator but I did not have permission to enter the final part of the path. I could cd up to /data/data/org.torproject.torbrowser_alpha/app_torservice/ only. I suspect any attempt to create this file in the Java code might also be failing?
According to sysrqb, this…
According to sysrqb, this looks like this ticket:
https://trac.torproject.org/projects/tor/ticket/30162
That ticket appears to be…
That ticket appears to be for a different symptom.
Try https://trac.torproject.org/projects/tor/ticket/30284
Does DuckDuckGo not show a…
Does DuckDuckGo not show a logo now to anyone anymore, or is it just me?
No logo for me, security set…
No logo for me, security set to high, all noscript disabled, :config java disabled.
The DuckDuckGo logo is an…
The DuckDuckGo logo is an SVG image. Is your security slider set to Safest? Safest blocks SVG images.
DuckDuckGo logo remains…
DuckDuckGo logo remains empty in all security setting modes.
I did the latest Update for…
I did the latest Update for the TOR browser, now I cannot log into my proton mail account, it just spins and spins, then says "another page is making it slow", when I do not have anything else open. It is so frustrating, I need to get into my email. I have uninstalled and reinstalled 2 times, still the same issues. ???
Protonmail loads an entire…
Protonmail loads an entire encrypted interface in your browser using Javascript. Click "Wait" a few times. If it doesn't eventually complete, try lowering your security slider. Onion icon -> Security Settings.
Do you by any chance have a…
Do you by any chance have a slow internet connection? Try disabling image loading by default in about:config (just a wild guess)
When will seperate apk of…
When will a separate Tor Browser apk without Orbot be released?
Hopefully with the next…
Hopefully with the next release.
Hello, the last Tor Browser…
Hello,
the last Tor Browser release for Android has not been uploaded yet on F-Droid. Is Tor Project relying on Guardian Project's repo? Or do you have your own and I missed something?
Cheers
No, this is still a manual…
No, this is still a manual process where we need some help from F-Droid folks. I've pinged them. Sorry for the inconvenience. This should be fixed shortly.
torbrowser currently…
torbrowser currently unusable, suspect italian guard node is deliberately sabotaging traffic by restricting it to a trickle of bytes
Verify the guard's …
Verify the guard's "Advertised Bandwidth" value and History graphs of bytes-per-second on the Tor Metrics Relay Search. See the old contact page for instructions to contact Tor Project about security issues or bad relays.
When I start the…
When I start the installation of English (en) - 32-bit (https://www.torproject.org/dist/torbrowser/8.0.8/torbrowser-install-8.0…), it asks to choose between 2 languages ONLY (Arabic and Persian) although I clearly choose the English version, and the file indicates that it is an en_US version. It does the same when I choose the Arabic version, it asks to choose between the 2 same languages. I realize that it is reading the region and languages that I have installed, but It's very inconvenient for me cause I want to install it in English. Please look into this as I can't update to that version (or any new version if it keeps doing that) until that issue is fixed, thanks for your efforts.
It should show you quite a…
It should show you quite a bunch of locales, regardless of your region (although it might make an educated guess and offer you one as the first option based on your desktop environment).
That said this is quite puzzling and you are the first one reporting this behavior. Some questions:
1) Does this happen with the 64-bit version as well (I hope you can run that one)?
2) Does it happen with older versions, too? If not with all older versions, could you pinpoint the one where this behavior started? You can find older versions here: https://archive.torproject.org/tor-package-archive/torbrowser/.
Thanks for your reply gk, …
Thanks for your reply gk,
No, it only shows those 2 languages only (Arabic and Persian), I do speak Arabic and my locale is set to Arabic, but I don't know Persian, so I would understand that Arabic is given as a choice, but why Persian and not English?
To answer your questions:
1- I did download the 64-bit version, but not installed it yet as I don't use it much, this is happening on the 32-bit system which I use 24/7, and it shouldn't because as I pointed out it is the En_US version that I chose to download 1st, when that issue happened, I tried the Arabic version thinking maybe the files are cross-linked by error, but it gave me the same 2 languages choices.
2- I currently have version 8.0.3 installed and running fine in English, I haven't downloaded any versions between that and 8.0.8, so I will try to install the versions in between and reply to you.
Thanks, really appreciated…
Thanks, really appreciated. Regarding the 64-bit version: no need to install it if you need, just click on the installer and start it to see whether the locale issue is the same as with the 32-bit bundle or not.
Ok, this issue is only…
Ok, this issue is only happening with all the 32-bit versions, even with v 8.0.1 which I still have, only those 2 languages options are given, this is new and weird since I installed 8.0.1, 8.0.2, and 8.0.3 before in English, but now all 32-bit versions only shows those 2 languages options.
On the 64-bit system, they give me all the languages options, and I just upgraded from 8.0.3 to 8.0.8 in English, so I ran the 32-bit installer on the 64-bit system to see what happens, and it does the same thing, only those 2 languages are given which is puzzling!
I'm scratching my head to what is causing this issue on the 32-bit versions (on both systems), and why now when there were a lot of languages options before!
Did you try to reproduce that issue on your end? Is the same issue happening, or is it just me?
It can't just be my systems, since it's happening on both the 32-bit and 64-bit, right?
Also, on the 64-bit system, I have noticed that when running the x64 installer (any version) it creates a *.tmp folder in the temp folder, in that *.tmp folder there are 2 file created during the installation process (langDLL.dll and system.dll).
That does NOT happen when I run the x86 versions on the x64 system.
I am sure that could be the issue, that langDLL.dll file is the key to choosing which language is chosen during installation. I need a developer to confirm this is what is causing the problem.
Thanks for your assistance.
I use Tor Brawser for…
I use Tor Brawser for Android(Alfa).Taken from the Play Store.
Works well,BUT THERE is ONE BIG PROBLEM WITH a VERY IMPORTANT WEBSITE!
All sites open fine EXCEPT ONE.
From ~50-80(!) trial downloads site,TOR comes to www.important.website only 1-2 times... And at a very slow speed. Site loading is promoted only by 10% and stands still.Then he writes: "The connection has timed out
The server at important.website is taking too long to respond.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your mobile device's data or Wi-Fi connection."
This situation with the website www.important.website not only me,but ALL TOR USERS.
I tried ALL kinds of bridges,made their request on the site - it's useless.
WHAT COULD IT BE???
The reason???
What exactly is tor or the site www.important..website wrong???
Can I change something in Togh to have a normal loading of the site? Please try personally to go to www.important.website with their Togas and tell the result.
I will be grateful for any help and advice!
Thank you!
It seems the site is somehow…
It seems the site is somehow misconfigured or blocking Tor (fwiw: i replaced it with "important.website" to not leak that information). Alas, that's nothing we can fix on our side. Please contact the owner of that website to get that resolved on their end.
> I tried ALL kinds of…
> I tried ALL kinds of bridges
Websites don't see your bridge or guard node. They see your exit node. There was nothing wrong with your bridge or guard node if all other sites were opening fine. In your situation, the problem could have been either the exit node or the website. But you tried other exit nodes, so the problem is the website, not you or Tor.
https://support.torproject.org/#censorship-2
https://2019.www.torproject.org/docs/faq.html.en#GoogleCAPTCHA
It blocks HTTPS for a start
It blocks HTTPS for a start
Your shitty obfs4proxy.exe…
Your shitty obfs4proxy.exe doesn't exit when tor crashes, making Tor Browser unusable.
What is happening in that…
What is happening in that case? Like how does that render Tor unusable? Do you have a way to crash Tor in a reproducible fashion so that we can reproduce that bug (and investigate the Tor crashes)? If so, what are the steps for that?
Hm, maybe that's actually…
Hm, maybe that's actually https://trac.torproject.org/projects/tor/ticket/21967. Or better: maybe a fix for that bug with help with the crash scenario as well...
If it fixes the problem for…
If it fixes the problem for all platforms, it'lll be great.
Tor Launcher asks to Restart…
Tor Launcher asks to Restart Tor, but it crashes again and again. You can crash tor.exe manually to test.
switching from built-in…
switching from built-in bridge to bridgedb doesn't work on Windows!
Tor WARN: Failed to find node for hop #1 of our path. Discarding this circuit.
What Tor Browser version is…
What Tor Browser version is that? Is that reproducible on your system or only sometimes happening?
This version. It is…
This version. It is reproducible, but, probably, you need to select 'This computer goes through a firewall' as well....
Is the bridge accepting…
Are the bridges accepting connections on a port that you selected in the "firewall" option? Examine the bridge lines to find the number after the colon ":". Don't tell it to anyone.
If it isn't a configuration problem on your end, you can see if it's a problem on the bridge's end in Relay Search.
request a new bridge via…
request a new bridge via bridgedb gives the same bridge every time.
Yes, that's a feature so…
Yes, that's a feature so that an attacker can't enumerate all the bridges available.
that's fine for bridgedb,…
that's fine for bridgedb, but moat gives you one bridge only, and what to do if it doesn't work?
trying to connect via…
trying to connect via bridgedb's bridge ends with nothing, but:
Tor NOTICE: Application request when we haven't used client functionality lately. Optimistically trying known bridges again.
Which operating system are…
Which operating system are you on? What happens after that notice? Do you have steps to reproduce that problem? Maybe the bridge is down?
Windows 10. Nothing. If the…
Windows 10. Nothing. If the bridge from moat is down, how to get another one?
What I am missing in TOR…
What I am missing in TOR-browser is "middle-click-open" in Linux. (First select text and then paste it by middle-click.)
I would use it to open a link from my text-based reader. It is possible to middle-click-open by clicking the "info-icon" in front of the address bar. But where to click if there is no page open (then there is no info-icon).
I start TOR-browser using empty page and thus have no info-icon where to click.
I propose to make the big "+"-sign of new tab to be middle-clickable like it is in Opera-browser.
Middle-click paste works for…
Middle-click paste works for me between Tor Browser and other programs, but you want middle-click open which is dangerous if done by accident. See bug ticket #10089. Developers of Mozilla Firefox patched it in Firefox in 2017.
Middle-click behaviors are configuration options between user-level programs and your OS. As far as Tor Browser goes, it's based on Firefox, so search for Firefox's preferences. Open a new tab in Tor Browser, and visit "about:config". Click "I accept the risk." In the search box there, type "middle" for example. You'll see one of the preferences named "middlemouse.paste" which is default true. Another named "middlemouse.contentLoadURL" is default false. "contentLoadURL" is the preference to open what is in your clipboard. Do web searches for these preferences for more information. To enable middle-click-open and accept its dangers, toggle "middlemouse.contentLoadURL" to "true".
Thank you for uncovering that "contentLoadURL = false" does not affect middle-clicking on the "Show site information" icon in the address bar in front of a loaded URL. Tor Browser developers, take a look at that.
Interesting. I am not sure…
Interesting. I am not sure whether we should block the "i" behavior here as well as we set the pref to "false" to prevent _accidentally_ leaking information. However, it seems to be pretty hard to accidentally hit the "i" icon and have a URL on the clipboard and middle-click. If you feel strongly, though, please open a bug (bonus points for actually opening a bug at Mozilla's bug tracker to get that on their radar).
fuckingfox CP got stuck in…
fuckingfox CP got stuck in networking IO, ate memory till OOM and was terminated. Win 10.
Tor WARN: Failed to unlink C…
Tor WARN: Failed to unlink C:\Tor Browser\Browser\TorBrowser\Data\Tor\unverified-microdesc-consensus: Permission denied
Which Windows is that? When…
Which Windows is that? When do you see this message?
win10. saw that at startup.
win10. saw that at startup.
Do you see that with every…
Do you see that with every start?
No, only if it was…
No, only if it was previously deleted.
Okay, which Tor Browser…
Okay, which Tor Browser version are you using? I suspect Tor Browser 8.5a11? If so, could you test whether you see the same problem with the current stable Tor Browser (8.0.8) downloaded from our website?
I've been unable to find the…
I've been unable to find the version control, or even source code for "Tor Browser for Android". I believe it is derived from MPL-licensed source code, is it not?
It is. We build the Firefox…
It is. We build the Firefox part for all platforms (including Android) from code in our tor-browser repository: https://gitweb.torproject.org/tor-browser.git.
still have the same issue…
still have the same issue with this release as well, the only difference is that there is no crash popup message from android, instead the tor settings page is white and torbrowser freezes. not a significant difference, I only have to terminate torbrowser manually now when its stuck in that white page.
https://trac.torproject.org/projects/tor/ticket/29982
https://blog.torproject.org/comment/280338#comment-280338 (original thread)
Could you jump on that Trac…
Could you jump on that Trac ticket and help us tracking the issue down? Otherwise I can try to give you instructions to get us the necessary info here in the thread (that has the disadvantage, though, that a lot of the devs would miss that conversation).
Why webgl is enabled by…
Why webgl is enabled by default?
Because a bunch of websites…
Because a bunch of websites are broken without it. We have the security issues covered by the security slider and the fingerprinting issues are covered by patches/preference settings.
What is your fingerprint of…
What is your fingerprint of Panopticlick's webgl test? How many of them does TBB have?
cannot access facebook since…
cannot access facebook since the update
Since which update? What Tor…
Since which update? What Tor Browser version are you using on which operating system?
After updated last version…
After updated last version on Android, addons like Noscripts and Httpeverywhere are detected by Mozilla as corrupted. Even if I tried reinstalling them ,they are blocked. Else Tap to Translate addons and Spoffing User Agent. So using a simple check browser, the site reported everything about my system. BROWSER ,AND MOBILE DIVECE. ANONIMYTE AND PRIVACY ARE FUCKED WITH THIS LAST VERSION ON ANDROID. SORRY.
https://trac.torproject.org…
https://trac.torproject.org/projects/tor/ticket/30388
Agreed. This new version is…
Agreed. This new version is COMPLETELY broken for me. Noscript is disabled.
13:44:13.793 TypeError:…
13:44:13.793 TypeError: event.originalTarget.getAttribute is not a function 1 tabbrowser.xml:1977:13
onxblmouseout chrome://browser/content/tabbrowser.xml:1977:13
After opening the TorBrowser…
After opening the TorBrowser, I get the following message: "NoScript could not be verified for use in the Torbrowser and has been disabled."
I`m using macOS Mojave 10.14.4
Yes, there is currently an…
Yes, there is currently an issue with the add-ons:
https://trac.torproject.org/projects/tor/ticket/30388
Should replace OS X to macOS…
Should replace OS X to macOS
its been done upstream:…
its been done upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1511434
Why was the NoScript…
Why was the NoScript extension disabled in my Tor Browser? It says that NoScript is obsolete and no longer supported by Tor Browser.
I just installed TBB 8.5a11…
I just installed TBB 8.5a11 x64 bit to test a disabled Noscript problem that I discovered today in the stable TBB 8.0.8. The newer version of Noscript is also disabled in TBB 8.5a11. The hamburger>Add-ons>Legacy comment is the same as for TBB 8.0.8 x64bit: "Noscript could not be verified for use in Tor Browser and has been disabled". Scripts are being allowed in the safest security level. Twitter has previously failed to load in "safest", but has loaded in "safer". Now ... boom! It loads with security level set at safest. I wonder if this is a Mozilla problem. I'm using Windows 7 Pro x64bit. Thank you.
does this version have same…
does this version have same recent extension's install problem ??
Tor 8.0.8 is not updating to…
Tor 8.0.8 is not updating
to 8.5 of 16th April ?!
Is 8.0.8 then corrupted ?
There is no 8.5 released yet…
There is no 8.5 released yet, so everything is fine. However, you should get an update to 8.0.9.
When is Tor going to put out…
When is Tor going to put out a fix that is going to stop the ddos attack from happening.
Currently there are many sites on the tor nework that are under heavy ddos attacks.
We need a solution, we need a patch....
WHen?
The problem is not easy to…
The problem is not easy to fix. We are working on it. See for instance https://lists.torproject.org/pipermail/tor-dev/2019-April/013790.html.
Still no way to save or…
Still no way to save or download images so its still completely useless to me tbh!